We have plenty of people who would ditch Outlook entirely in that scenario - even AT their desks. Not gonna happen on my watch.
Not to mention, sooner or later they'd get really pissed having to use the SecurID keyfob to log into their email. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: William Lefkovics [mailto:[EMAIL PROTECTED]] > Sent: Friday, December 13, 2002 9:44 AM > To: Exchange Discussions > Subject: RE: Securing the OWA Kiosk > > > > You're such an email nazi. ;o) > > I used to use OWA when away from my desk elsewhere in the office. > > William > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Roger > Seielstad > Sent: Friday, December 13, 2002 5:44 AM > To: Exchange Discussions > > I don't support OWA via VPN - if you're VPN'ed in, use > Outlook. In fact, > I've IP-limited OWA to external users only. We provide Outlook for a > reason > - we expect it to be used. > > As I said before, we do secure OWA with a multi-factor one time use > authentication system (RSA's SecurID) which works well. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Martin, Jon [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, December 12, 2002 1:38 PM > > To: Exchange Discussions > > Subject: RE: Securing the OWA Kiosk > > > > > > Mark, > > > > Thanks - interesting audit. If we decide to go forward with > > allowing non-VPN > > clients access to Outlook we will take a closer look at the > > product. Is > > anyone aware of similar products? > > > > A question for the group on a related topic: is it common > > practice to allow > > non-VPN clients to access Outlook via OWA, or do most > > companies require at > > least a VPN connection? > > > > Jon > > > > -----Original Message----- > > From: Mark Rotman [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, December 12, 2002 9:52 AM > > To: Exchange Discussions > > Subject: RE: Securing the OWA Kiosk > > > > Jon, > > > > You could have a look at this OWA audit for some more > > details. Be aware that > > the document is useful, but the issues in it (as well as > your #1) are > > handled by Messageware's SecureLogoff product. > > > > http://www.messageware.net/audits/owa.html > > > > -----Original Message----- > > From: Martin, Jon [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, December 11, 2002 3:22 PM > > To: Exchange Discussions > > Subject: Securing the OWA Kiosk > > > > > > How are folks handling the following potential security risks > > using OWA from > > unsecured workstations, such as a kiosk or library environment? > > > > 1. Cached web pages, etc. on the workstation. User walks > away without > > closing the browser, the next user has access to the previous > > users' email. > > > > 2. Stealth keyboard capture program grabs userids and passwords. > > > > It seems like there is a common train of thought about remote > > OWA that 'It > > is only email, what is the worst that could happen?' My take > > is someone who > > has unauthorized access to email can potentially: > > > > - Get people fired; > > - Get people arrested; > > - Get companies/people sued; > > - Cost companies/people money. > > > > Thanks . . . > > > > Jon Martin > > Systems Programmer > > East Bay Municipal Utility District (EBMUD) > > Oakland, CA > > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
